From 61fd1868ff81e8dc29dcc13e4fc2004df6a9e5e0 Mon Sep 17 00:00:00 2001
From: Rex Dieter
Date: Wed, 19 Jul 2017 09:52:29 -0500
Subject: [PATCH] CVE-2017-11403 (#1472214)
---
 GraphicsMagick-CVE-2017-11403.patch | 24 ++++++++++++++++++++++++
 GraphicsMagick.spec | 7 ++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 GraphicsMagick-CVE-2017-11403.patch
diff --git a/GraphicsMagick-CVE-2017-11403.patch b/GraphicsMagick-CVE-2017-11403.patch
new file mode 100644
index 0000000..987a4f2
--- /dev/null
+++ b/GraphicsMagick-CVE-2017-11403.patch
@@ -0,0 +1,24 @@
+
+# HG changeset patch
+# User Glenn Randers-Pehrson
+# Date 1499704855 14400
+# Node ID d0a76868ca37ae482eb3e8cecbb9150c5348ffe8
+# Parent b24f2a9b0dd70506d429e537ff3e81532b5bfc23
+coders/png.c (ReadMNGImage): Fix out-of-order CloseBlob()
+
+and DestroyImageList() that caused a use-after-free crash.
+
+diff -r b24f2a9b0dd7 -r d0a76868ca37 coders/png.c
+--- a/coders/png.c Mon Jul 10 11:31:05 2017 -0400
++++ b/coders/png.c Mon Jul 10 12:40:55 2017 -0400
+@@ -5161,8 +5161,8 @@
+
+ if (image == (Image *) NULL)
+ {
++ CloseBlob(previous);
+ DestroyImageList(previous);
+- CloseBlob(previous);
+ MngInfoFreeStruct(mng_info,&have_mng_structure);
+ return((Image *) NULL);
+ }
+
diff --git a/GraphicsMagick.spec b/GraphicsMagick.spec
index e3ffc3f..f4f5a39 100644
--- a/GraphicsMagick.spec
+++ b/GraphicsMagick.spec
@@ -33,7 +33,7 @@
 Summary: An ImageMagick fork, offering faster image generation and better quality
 Name: GraphicsMagick
 Version: 1.3.26
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: MIT
 Group: Applications/Multimedia
@@ -49,6 +49,7 @@ Patch100: GraphicsMagick-1.3.16-multilib.patch
 Patch50: GraphicsMagick-1.3.14-perl_linkage.patch
 ## upstream patches
+Patch1: GraphicsMagick-CVE-2017-11403.patch
 BuildRequires: bzip2-devel
 BuildRequires: freetype-devel
@@ -162,6 +163,7 @@ however.
 %prep
 %setup -q
+%patch1 -p1 -b .CVE-2017-11403
 %patch50 -p1 -b .perl_linkage
 %patch100 -p1 -b .multilib
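Review bot: In the `image == (Image *) NULL` branch of ReadMNGImage (the coders/png.c hunk carried in GraphicsMagick-CVE-2017-11403.patch), the new call order is what prevents the use-after-free, but nothing in the code records that, so a later tidy-up could swap the two calls back. I would add a comment above the pair: `/* CloseBlob(previous) must precede DestroyImageList(previous); closing after the list is destroyed uses freed memory. */`. The function's body starts and ends outside the hunk, so whether `previous` can be NULL on this path, and whether other error paths in ReadMNGImage still pair these two calls in the old order, cannot be checked from this page and is worth confirming against the full file.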
@@ -322,6 +324,9 @@ rm -rf %{buildroot}
 %changelog
+* Wed Jul 19 2017 Rex Dieter - 1.3.26-3
+- CVE-2017-11403 (#1472214)
+
 * Fri Jul 07 2017 Igor Gnatenko - 1.3.26-2
 - Rebuild due to bug in RPM (RHBZ #1468476)